Vulnerabilities > CVE-2009-0961 - Unspecified vulnerability in Apple Iphone OS and Ipod Touch
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert.
Vulnerable Configurations
Exploit-Db
description Apple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (2). CVE-2009-0961. Remote exploit for hardware platform id EDB-ID:33045 last seen 2016-02-03 modified 2009-05-17 published 2009-05-17 reporter Collin Mulliner source https://www.exploit-db.com/download/33045/ title Apple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 2 description Apple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (1). CVE-2009-0961. Remote exploit for hardware platform id EDB-ID:33044 last seen 2016-02-03 modified 2009-05-17 published 2009-05-17 reporter Collin Mulliner source https://www.exploit-db.com/download/33044/ title Apple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 1 description Apple iPhone 2.2.1 Call Approval Dialog Security Bypass Vulnerability (3). CVE-2009-0961. Remote exploit for hardware platform id EDB-ID:33046 last seen 2016-02-03 modified 2009-05-17 published 2009-05-17 reporter Collin Mulliner source https://www.exploit-db.com/download/33046/ title Apple iPhone <= 2.2.1 Call Approval Dialog Security Bypass Vulnerability 3